free5GC 5G Network Core Disrupted by Malicious Message

Summary

A security flaw in the free5GC software for 5G networks can be exploited by hackers to crash the core network, causing service outages and disruptions. This affects all free5GC users who are using the UPF and SMF components, and a fix is currently in development. Until a patch is released, it's recommended to apply it as soon as possible to prevent potential disruptions.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software

Vendor	Product	Affected versions	Fix available
free5gc	go-upf	<= 1.2.6	–
free5gc	smf	<= 1.4.0	–

Original title

free5GC is an open-source project for 5th generation (5G) mobile core networks. free5GC go-upf versions up to and including 1.2.6, corresponding to free5gc smf up to and including 1.4.0, have an Im...

Original description

free5GC is an open-source project for 5th generation (5G) mobile core networks. free5GC go-upf versions up to and including 1.2.6, corresponding to free5gc smf up to and including 1.4.0, have an Improper Input Validation and Protocol Compliance vulnerability leading to Denial of Service. Remote attackers can disrupt core network functionality by sending a malformed PFCP Association Setup Request. The UPF incorrectly accepts it, entering an inconsistent state that causes subsequent legitimate requests to trigger SMF reconnection loops and service degradation. All deployments of free5GC using the UPF and SMF components may be affected. As of time of publication, a fix is in development but not yet available. No direct workaround is available at the application level. Applying the official patch, once released, is recommended.

nvd CVSS3.1 7.5

nvd CVSS4.0 2.7

Vulnerability type

CWE-20 Improper Input Validation

https://github.com/free5gc/free5gc/issues/745 Exploit Issue Tracking Vendor Advisory
https://github.com/free5gc/free5gc/security/advisories/GHSA-8m42-qw58-8362 Vendor Advisory